diff options
author | Andrew Bartlett <abartlet@samba.org> | 2005-05-15 23:42:11 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 13:16:45 -0500 |
commit | 5c6dd5e800b879efdce3bbc3a16f32c5e78b4917 (patch) | |
tree | 13a8286bebac583bd979d278b7f12fac25c8513b /source4/auth/gensec/gensec.h | |
parent | 8f96c42027d282eec047d1b25951a33bc2fce71f (diff) | |
download | samba-5c6dd5e800b879efdce3bbc3a16f32c5e78b4917.tar.gz samba-5c6dd5e800b879efdce3bbc3a16f32c5e78b4917.tar.bz2 samba-5c6dd5e800b879efdce3bbc3a16f32c5e78b4917.zip |
r6800: A big GENSEC update:
Finally remove the distinction between 'krb5' and 'ms_krb5'. We now
don't do kerberos stuff twice on failure. The solution to this is
slightly more general than perhaps was really required (as this is a
special case), but it works, and I'm happy with the cleanup I achived
in the process. All modules have been updated to supply a
NULL-terminated list of OIDs.
In that process, SPNEGO code has been generalised, as I realised that
two of the functions should have been identical in behaviour.
Over in the actual modules, I have worked to remove the 'kinit' code
from gensec_krb5, and placed it in kerberos/kerberos_util.c.
The GSSAPI module has been extended to use this, so no longer requires
a manual kinit at the command line. It will soon loose the
requirement for a on-disk keytab too.
The general kerberos code has also been updated to move from
error_message() to our routine which gets the Heimdal error string
(which may be much more useful) when available.
Andrew Bartlett
(This used to be commit 0101728d8e2ed9419eb31fe95047944a718ba135)
Diffstat (limited to 'source4/auth/gensec/gensec.h')
-rw-r--r-- | source4/auth/gensec/gensec.h | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/source4/auth/gensec/gensec.h b/source4/auth/gensec/gensec.h index 268881e4ba..be6731abfa 100644 --- a/source4/auth/gensec/gensec.h +++ b/source4/auth/gensec/gensec.h @@ -54,7 +54,7 @@ struct gensec_security_ops { const char *name; const char *sasl_name; uint8_t auth_type; /* 0 if not offered on DCE-RPC */ - const char *oid; /* NULL if not offered by SPNEGO */ + const char **oid; /* NULL if not offered by SPNEGO */ NTSTATUS (*client_start)(struct gensec_security *gensec_security); NTSTATUS (*server_start)(struct gensec_security *gensec_security); NTSTATUS (*update)(struct gensec_security *gensec_security, TALLOC_CTX *out_mem_ctx, @@ -92,6 +92,11 @@ struct gensec_security_ops { BOOL enabled; }; +struct gensec_security_ops_wrapper { + const struct gensec_security_ops *op; + const char *oid; +}; + #define GENSEC_INTERFACE_VERSION 0 struct gensec_security { |